Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/05x7mD_m5uxT3O4dmcndJqXpKgk.roa
File: 05x7mD_m5uxT3O4dmcndJqXpKgk.roa (raw, json)
Hash identifier: iPMcymS6EnGcodKWMINDSPcRjmnEs+L7ftAHyWJn8ic=
Subject key identifier: D3:9C:7B:98:3F:E6:E6:EC:53:DC:EE:1D:99:C9:DD:26:A5:E9:2A:09
Certificate issuer: /CN=8d892f4ded92257e67ba74f1762c8bc914ebd61c
Certificate serial: 0185718C4CDE13474959243F0549DF228004
Authority key identifier: 8D:89:2F:4D:ED:92:25:7E:67:BA:74:F1:76:2C:8B:C9:14:EB:D6:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkvTe2SJX5nunTxdiyLyRTr1hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/05x7mD_m5uxT3O4dmcndJqXpKgk.roa
Signing time: Mon 02 Jan 2023 08:14:58 +0000
ROA not before: Mon 02 Jan 2023 08:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39892
IP address blocks: 2001:67c:1098::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:4c:de:13:47:49:59:24:3f:05:49:df:22:80:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d892f4ded92257e67ba74f1762c8bc914ebd61c
Validity
Not Before: Jan 2 08:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d39c7b983fe6e6ec53dcee1d99c9dd26a5e92a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:43:31:01:22:bc:93:d4:8d:f2:a4:2a:7c:
cb:0b:9a:b8:6d:60:14:cb:72:28:b3:36:b7:d1:75:
26:20:94:e6:45:06:81:61:48:13:eb:37:b8:82:5a:
99:16:5b:3b:c4:4a:87:b5:18:7f:59:96:dd:e7:fd:
9d:0b:5e:f8:ea:59:b7:1c:8c:0a:e1:24:58:88:e3:
1e:49:df:3e:d2:22:35:66:21:45:5c:c8:f4:db:97:
ad:35:69:10:0d:4f:32:88:dc:26:03:4c:df:94:fc:
6a:4e:94:8e:80:df:72:0b:df:0d:1f:f7:02:4f:8b:
cd:4c:47:67:0c:fb:01:4b:18:07:0f:f1:9d:3d:e5:
a8:dd:90:3d:c7:f2:2d:9a:e7:2a:fd:c4:18:13:d9:
25:7a:73:44:b4:e2:82:4a:50:91:f2:ab:ff:4b:db:
79:e2:2f:2d:7a:1f:6f:89:43:07:13:c9:cc:20:59:
dc:63:c3:22:79:da:49:fd:88:a2:76:b6:bf:fd:58:
8f:f6:e2:21:3d:fd:87:8f:8d:b5:02:db:80:88:36:
7e:97:c6:f5:38:51:6c:22:e0:e2:cf:03:e2:32:b8:
ef:1b:d7:4f:b9:ff:39:01:d7:d3:11:5d:bb:92:6a:
ba:eb:14:14:fd:d8:b6:4b:ad:b0:f6:3a:2f:79:2a:
a6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:9C:7B:98:3F:E6:E6:EC:53:DC:EE:1D:99:C9:DD:26:A5:E9:2A:09
X509v3 Authority Key Identifier:
keyid:8D:89:2F:4D:ED:92:25:7E:67:BA:74:F1:76:2C:8B:C9:14:EB:D6:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkvTe2SJX5nunTxdiyLyRTr1hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/05x7mD_m5uxT3O4dmcndJqXpKgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/d1a717-4cf3-4ae5-b0fc-0bd9ddf3970e/1/jYkvTe2SJX5nunTxdiyLyRTr1hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1098::/48
Signature Algorithm: sha256WithRSAEncryption
76:2d:11:17:cf:04:48:66:88:f3:94:4f:3a:c0:ef:84:fb:ed:
db:b6:fc:02:41:9d:f8:8e:8d:0a:80:d0:13:e1:b6:9c:3c:ca:
26:32:77:43:1b:5a:2b:3b:15:d2:67:4f:89:96:46:56:37:ed:
ca:5d:fd:17:8c:76:73:d6:99:89:4d:6f:98:a0:ca:77:93:58:
6b:e3:9d:55:ab:f6:42:1a:26:e2:9a:bd:09:ee:03:7f:98:33:
b5:6d:3a:1f:be:ca:7f:1d:ea:ad:73:fc:7f:1c:4d:a2:55:69:
ec:a7:29:01:05:3a:f4:c3:44:1a:88:38:4a:e9:dc:27:a7:bf:
5f:46:f3:82:87:2d:b8:23:21:ca:3e:02:51:15:28:d5:2a:14:
43:4c:38:65:01:d4:3a:41:35:ed:51:f8:b5:d3:fe:7d:fc:06:
03:ed:12:70:50:90:ae:2c:6e:48:b2:c7:6d:cb:38:15:72:5c:
5f:ab:fe:12:14:41:0d:8c:26:1f:06:8b:36:27:6f:ba:b4:73:
19:6a:c8:4f:48:58:bb:16:1c:ad:c6:8a:f5:b1:46:81:eb:43:
03:89:9d:a2:65:1d:3a:5f:55:5c:44:18:b1:5b:b7:06:5b:d0:
d8:e3:43:ad:7b:c5:70:67:44:d2:b3:29:a6:8c:1b:0b:ad:bf:
cf:a4:d7:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxjEzeE0dJWSQ/BUnfIoAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyZjRkZWQ5MjI1N2U2N2JhNzRmMTc2MmM4YmM5MTRl
YmQ2MWMwHhcNMjMwMTAyMDgxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzljN2I5ODNmZTZlNmVjNTNkY2VlMWQ5OWM5ZGQyNmE1ZTkyYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dxDMQEivJPUjfKkKnzLC5q4bWAU
y3Iosza30XUmIJTmRQaBYUgT6ze4glqZFls7xEqHtRh/WZbd5/2dC1746lm3HIwK
4SRYiOMeSd8+0iI1ZiFFXMj025etNWkQDU8yiNwmA0zflPxqTpSOgN9yC98NH/cC
T4vNTEdnDPsBSxgHD/GdPeWo3ZA9x/Itmucq/cQYE9klenNEtOKCSlCR8qv/S9t5
4i8teh9viUMHE8nMIFncY8MiedpJ/Yiidra//ViP9uIhPf2Hj421AtuAiDZ+l8b1
OFFsIuDizwPiMrjvG9dPuf85AdfTEV27kmq66xQU/di2S62w9joveSqm7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNOce5g/5ubsU9zuHZnJ3Sal6SoJMB8GA1UdIwQY
MBaAFI2JL03tkiV+Z7p08XYsi8kU69YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallrdlRlMlNKWDVudW5UeGRpeUx5UlRyMWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kMWE3MTctNGNmMy00YWU1LWIwZmMt
MGJkOWRkZjM5NzBlLzEvMDV4N21EX201dXhUM080ZG1jbmRKcVhwS2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kMWE3MTctNGNmMy00YWU1LWIwZmMtMGJkOWRkZjM5NzBl
LzEvallrdlRlMlNKWDVudW5UeGRpeUx5UlRyMWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBCY
MA0GCSqGSIb3DQEBCwUAA4IBAQB2LREXzwRIZojzlE86wO+E++3btvwCQZ34jo0K
gNAT4bacPMomMndDG1orOxXSZ0+JlkZWN+3KXf0XjHZz1pmJTW+YoMp3k1hr451V
q/ZCGibimr0J7gN/mDO1bTofvsp/Heqtc/x/HE2iVWnspykBBTr0w0QaiDhK6dwn
p79fRvOChy24IyHKPgJRFSjVKhRDTDhlAdQ6QTXtUfi10/59/AYD7RJwUJCuLG5I
ssdtyzgVclxfq/4SFEENjCYfBos2J2+6tHMZashPSFi7Fhytxor1sUaB60MDiZ2i
ZR06X1VcRBixW7cGW9DY40Ote8VwZ0TSsymmjBsLrb/PpNdY
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:36:16 2025 by rpki-client